问题
I want to protect my files from being extracted and my code get hacked. I saw two similar questions on SO
http://stackoverflow.com/questions/9633455/how-to-protect-a-jar-file-from-being-decompiled
http://stackoverflow.com/questions/7622419/protect-jar-file-source-code-with-exe-file-java
but these question's answers end up with using ProGaurd. While ProGaurd itself state that it will just try its best to obfuscate the code and doesn't guarantee 100% that the code will remain secure.
But there are softwares which convert Jar2Exe @ http://www.jar2exe.com/ which guarantees that the code will remain 100% secure. Besides JarProtector @ http://www.bfa-it.com/?lang=en&id=products/jarprotector
If someone is guaranteeing that our class files will remain secure then that means there is surely a way out but what is that technique they would be using to protect our Class files. I know that you can only guess but what would you best guess so we can protect our applications before we hand our Life-Efforted application to clients?
回答1:
First of all : there is no such thing as "100% secure".
Now : all of these apps simply wrap your jarfiles into machine-code, in fact they simply encapsulate it. Maybe some of them also obfuscate the jarfile in some way but the problem is only postponed : once an attacker gets rid of the encapsulation your java-code will be visible, readable.
Encapsulating jarfiles is ... no security at all, its quite easy to spot your jarfile inside of the machine-code if you're a skilled cracker. Obfuscating your java-code AND encapsulating it, on the other hand may very well grant you SOME security since obfuscation can be really complicated to crack.
Rest assured : it was never possible to make your application "secure", everyone on the planet can only take a few steps to make it harder to crack it.
来源:https://stackoverflow.com/questions/26083934/how-does-the-jar2exe-works-when-protecting-java-class-files-from-being-extracted